Some computers impose access privileges on files. In a conventional approach, each file has an access class and each user has an access privilege which are manually set to specific values or automatically set to default settings. For example, an access control program running on a computer allows a user having a first type of access privilege to access the contents of the file having a first access class while the access control program denies, to the user having a second type of access privilege, access to the contents of the files having the first access class. Further, the access control program denies, to the user having the first type of access privilege, access to the contents of the files having a second access class.
Some computers are equipped with data loss prevent (DLP) software. The DLP software typically scans data within the files for data fitting certain sensitive data formats (e.g., credit card numbers, social security numbers, etc.). The DLP software can then flag or restrict access to any files containing these sensitive data formats.